Encryption turns meaningful words and phrases into coded language.
Everything that you do during your Online Banking session becomes a string of
unrecognizable numbers before crossing the Internet. Your account information
will read as gibberish to everyone but you and our financial institution. All
of your Online Banking sessions will be encrypted. We employ the strongest
forms of cryptography that are commercially available for use over the
Internet.

We take numerous steps to keep your account information secure. However, you
must take precautions as well. Follow these tips to increase your online
security:

If you suspect your computer is infected with malware, discontinue using it
for banking, shopping, or other activities involving sensitive information. Use
security software and/or professional help to find and remove malware.

Use firewalls on your local network to add another layer of protection for
all the devices that connect through the firewall (e.g. PCs, smartphones, and
tablets).

Password-protect your computer network (wired or wireless). Log off or lock
your computer when not in use.

General Online Security

Never click on suspicious links in emails, tweets, posts, or online
advertising. Links can take you to a different web site than their labels
indicate. Typing an address in your browser instead of clicking a link in an
email is a safer alternative.

Only give sensitive information to web sites using encryption so your
information is protected as it travels across the Internet. Verify the web
address begins with https:// (the s is for secure)
rather than just http://. Some browsers also display a closed
padlock.

Do not trust sites with certificate warnings or errors. These messages
could be caused by your connection being intercepted or the web server
misrepresenting its identity.

Avoid using public computers or public wireless access points for online
banking and other activities involving sensitive information when possible.

Be cautious of unsolicited phone calls, emails, or texts directing you to a
web site or requesting sensitive information.

Password Best Practices

Create a unique password for all the different systems you use. If you
dont, then one breach leaves all your accounts vulnerable.

Never share your password over the phone, in texts, by email, or in person.
If you are asked for your password, its probably a scam.

Use unpredictable passwords with a combination of lowercase letters,
capital letters, numbers, and special characters.

The longer the password, the tougher it is to crack. Use a password with at
least eight characters. Every additional character exponentially strengthens a
password.

Avoid using obvious passwords such as

your name

your business name

family member names

your username

birthdates

dictionary words

Choose a password you can remember without writing it down. If you do
choose to write it down, store it in a secure location.

Cumberland Security Bank and Your Log-In
Credentials

We will never call, email or otherwise contact you to request your access
ID, password, or other log-in credentials for the online services we
offer. If you receive such a request, do not provide any
information. Contact us at (606) 679-9361 to report the incident. We may,
however, request your access ID, social security number or other personal
information to verify your identity if you contact us requesting assistance
with online services.

Reporting Suspicious Activity

If you see suspicious activity on your account(s) or have received a
suspicious call, email, letter or other similar contact regarding your
relationship to Cumberland Security Bank, call (606) 679-9361 or visit your
local branch.

Consumer Protection  Regulation E

Regulation E provides rules for error resolution and unauthorized
transactions for electronic fund transfers, which includes most transactions
processed online. In addition, it establishes limits to your financial
liability for unauthorized electronic fund transfers. These limits, however,
are directly related to the timeliness of your detection and reporting of
issues to Cumberland Security Bank. For this reason, we encourage you to
immediately review your account statements and to regularly monitor your
account activity online.

The "Electronic Fund Transfers" disclosure provided to you at the
time of account opening provides detailed information. We will provide to
you, upon request, a free printed copy of this disclosure.

Note: Regulation E does not apply to business accounts.

Additional Information for Business Users of Online
Services

Due to their size and frequency, business transactions are inherently more
risky than consumer transactions. In recent years, there has been an
increase in the number of online corporate account takeovers and unauthorized
online fund transfers involving business accounts.

Recently, small- to medium-sized businesses have been primary targets as
cyber criminals have recognized that the security controls they have in place
are not as robust as those of larger businesses. Analysis indicates
enhanced controls over administrative access and functions related to business
accounts and layered security using multiple and independent controls would
help to reduce these types of crime.

Recommended enhanced controls for businesses:

Perform a periodic risk assessment and an evaluation of the effectiveness
of the controls in place to minimize the risks of online transaction
processing.

The password, web site, computer and network tips above provide a starting
point for this process.

Business customers should understand the security features of the software
and web sites they utilize and take advantage of these features.
Segregation of dutiesthe process of separating duties so no one person
can perform all steps of a transactionis an example of a very important
security feature.